Authenticator and combination of challenges with manual and http

I was able to certify a domain with the following command about a month ago. I am testing its reproducibility and it does not work with the error below.

I ran this command:
certbot certonly --manual -n -d mydomain.com --agree-tos --email myemail … --preferred-challenges=http-01 --manual-auth-hook auth_hook --manual-public-ip-logging-ok

It produced this output:
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
Error in certbot: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.

I’ve tried this on both MacOS Catalina and Windows 10.

I am using Certbot 1.6.0.

1 Like

Hi,

Do you have any chance of trying to use manual w/ HTTP challenge to obtain a wildcard certificate?
certbot certonly --manual -n -d mydomain.com --agree-tos --email myemail … --preferred-challenges http-01 --manual-auth-hook auth_hook --manual-public-ip-logging-ok

If so, wildcard certificates can only be obtained by DNS challenge, so that’s why the error message appear.

2 Likes

Yes, that was the issue. I was generating that command in a script that automatically prepended “*.” to enforce a wildcard certificate. Thank you.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.